FreeBSD Security Advisory (FreeBSD-SA-07:06.tcpdump.asc) Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-07:06.tcpdump.asc

Solution

Upgrade your system to the appropriate stable release or security branch dated after the correction date https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-07:06.tcpdump.asc

Insight

Tcpdump is a commonly used network diagnostic utility which decodes packets received on the wire into human readable format. An un-checked return value in the BGP dissector code can result in an integer overflow. This value is used in subsequent buffer management operations, resulting in a stack based buffer overflow under certain circumstances.

Severity

Classification

CVE CVE-2007-3798
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

FreeBSD Ports: apr
FreeBSD Ports: coppermine
FreeBSD Ports: asterisk14
FreeBSD Ports: apache
FreeBSD Ports: bugzilla

Take action and discover your vulnerabilities